[pfx] Re: Rate limiting a group of domains

785 243 via Postfix-users: > I want to implement rate limiting based on the target server rather > than by recipient domain. Specifically, I want to rate limit email > sent to domains like yahoo.com, ymail.com, aol.com, myyahoo.com, and > verizon.net as a group, since these domains appears to be ha

[pfx] Re: Rate limiting gmail

Dnia 22.08.2023 o godz. 18:27:40 Wietse Venema via Postfix-users pisze: > > Unfortunatey, the Postfix schedulerisn't smart enough to figure out > that a domain is hosted at google. Even if the doain is not google, > it may be hosted there and add to your rate limit. I'm not claiming > that gmail

[pfx] Re: Rate limiting gmail

On Tue, Aug 22, 2023 at 03:41:43PM -0400, Alex via Postfix-users wrote: > I'm hoping I could ask what is probably an FAQ but I haven't seen > anything on it recently. I've already implemented some type of rate > limiting for delivering to gmail, but it's apparently not working > satisfactorily for

[pfx] Re: Rate limiting gmail

Jaroslaw Rafa via Postfix-users: > Dnia 22.08.2023 o godz. 15:41:43 Alex via Postfix-users pisze: > > This mail server unfortunately has quite a few users who use ~/.forward to > > forward mail through to their personal gmail account from their corporate > > account. > > > > Aug 22 15:33:08 cipher

[pfx] Re: Rate limiting gmail

Dnia 22.08.2023 o godz. 15:41:43 Alex via Postfix-users pisze: > This mail server unfortunately has quite a few users who use ~/.forward to > forward mail through to their personal gmail account from their corporate > account. > > Aug 22 15:33:08 cipher postfix-gmail/smtp[2551987]: 5EF9820E0E1E8:

Re: Rate limiting local clients: configuration and logging

On 4/01/23 19:33, Hébergement Arbre Binaire wrote: I just don't understand the process: if a local client uses sendmail to enqueue an email, that client is not expecting much more than a zero or non-zero response code.  If the shim is set up to communicate using SMTP and Postfix responds that i

Re: Rate limiting local clients: configuration and logging

On Wed, 4 Jan 2023 at 00:52, Hébergement Arbre Binaire wrote: > > I really appreciate your (very) thorough answer. I'll use it to search for a > solution or devise a homemade one. > > The problem I'm describing affects so many web hosts... I'm surprised that > this security problem has not bee

Re: Rate limiting local clients: configuration and logging

Thanks, I'll check postfwd in details too and see what fits best to my use case. All the best, François

Re: Rate limiting local clients: configuration and logging

H?bergement Arbre Binaire: > >As far as I know, "msmtp" can be used >as a replacement for > >/usr/sbin/sendmail to submit mail via >SMTP instead of writing it directly > to > >the queue > > That was a suggestion of Viktor too, but I did not investigated further > after reading the outdated descrip

Re: Rate limiting local clients: configuration and logging

>As far as I know, "msmtp" can be used >as a replacement for >/usr/sbin/sendmail to submit mail via >SMTP instead of writing it directly to >the queue That was a suggestion of Viktor too, but I did not investigated further after reading the outdated description of a piece of software that seemed o

Re: Rate limiting local clients: configuration and logging

Dnia 3.01.2023 o godz. 19:20:30 Hébergement Arbre Binaire pisze: > > Aside from creating a "shim" of some sort to catch sendmail calls made by > random malicious scripts and that uses SMTP to route mail to the local MTA, > I don't see any solution. It's a bit above my paygrade since any and all

Re: Rate limiting local clients: configuration and logging

I just don't understand the process: if a local client uses sendmail to enqueue an email, that client is not expecting much more than a zero or non-zero response code. If the shim is set up to communicate using SMTP and Postfix responds that it will not enqueue mail from localhost because of "Too

Re: Rate limiting local clients: configuration and logging

On Wed, Jan 04, 2023 at 12:25:47AM -0500, Hébergement Arbre Binaire wrote: > I don't know if this could be put to consideration by your dev team (or > not, because of technical considerations above my knowledge), but a single > door to a barn makes a more secure barn. My "dev" team is just me, an

Re: Rate limiting local clients: configuration and logging

>The real "only" way to enqueue mail for local delivery via Postfix is >postdrop(1), which is "setgid" to a group that can write to the >"maildrop" queue. If you set "authorized_submit_users" to a restricted >set of trusted system accounts, then all users would have to use your >shim, a postdrop(1

Re: Rate limiting local clients: configuration and logging

On Tue, Jan 03, 2023 at 07:50:19PM -0500, Hébergement Arbre Binaire wrote: > Maybe I should ask another question: is sendmail the ONLY way for a local > script (be it any kind of script: PHP or otherwise) to queue a mail for > delivery? All that applications can portably expect to work for local

Re: Rate limiting local clients: configuration and logging

>Otherwise, the script can just send mail directly As far as my experience goes, abusive scripts depend on the local MTA to relay abusive mail. They would need to crack two hosts instead of a single one to route bad mail. Maybe I should ask another question: is sendmail the ONLY way for a local

Re: Rate limiting local clients: configuration and logging

On Tue, Jan 03, 2023 at 07:20:30PM -0500, Hébergement Arbre Binaire wrote: > >If submission rate limits are required, use SMTP instead of the Postfix > sendmail command. > > Aside from creating a "shim" of some sort to catch sendmail calls made by > random malicious scripts and that uses SMTP to

Re: Rate limiting local clients: configuration and logging

On 1/3/23 19:20, Hébergement Arbre Binaire wrote: >> If submission rate limits are required, use SMTP instead of the Postfix > sendmail command. > > Aside from creating a "shim" of some sort to catch sendmail calls made by > random malicious scripts and that uses SMTP to route mail to the local MT

Re: Rate limiting local clients: configuration and logging

>If submission rate limits are required, use SMTP instead of the Postfix sendmail command. Aside from creating a "shim" of some sort to catch sendmail calls made by random malicious scripts and that uses SMTP to route mail to the local MTA, I don't see any solution. It's a bit above my paygrade s

Re: Rate limiting local clients: configuration and logging

H?bergement Arbre Binaire: > I really appreciate your (very) thorough answer. I'll use it to search for > a solution or devise a homemade one. > > The problem I'm describing affects so many web hosts... I'm surprised that > this security problem has not been circumvented in any reliable way. I

Re: Rate limiting local clients: configuration and logging

I really appreciate your (very) thorough answer. I'll use it to search for a solution or devise a homemade one. The problem I'm describing affects so many web hosts... I'm surprised that this security problem has not been circumvented in any reliable way. I understand Postfix cannot fix alone t

Re: Rate limiting local clients: configuration and logging

On Tue, Jan 03, 2023 at 06:03:29PM -0500, Hébergement Arbre Binaire wrote: > Local clients (bash scripts and PHP mailers in particular) are still not > rate limited at all. How can I accomplish this? The simple answer is that You can't, without replacing sendmail(1), with something that submits

Re: Rate Limiting users from different IPs

On 8/1/2018 12:43 PM, Durga Prasad Malyala wrote: > Hello all, > To overcome scam due to compromised accounts,Currently we are using a > beautiful software https://github.com/MirLach/ratelimit-policyd > > However we have a few issues. Generally spammers dont put a lot of > peple in cc or bcc. they

Re: Rate-limiting access to postfix on the firewall, what are decent numbers (depending on overall traffic)?

nch.com Cc: postfix-users@postfix.org Subject: Re: Rate-limiting access to postfix on the firewall, what are decent numbers (depending on overall traffic)? On 4 January 2017 at 08:53, wrote: > Reread. I don't not block port 25. > > I assure you, OVH has been used for C&C by h

Re: Rate-limiting access to postfix on the firewall, what are decent numbers (depending on overall traffic)?

postfix.org; li...@lazygranch.com > Subject: Re: Rate-limiting access to postfix on the firewall, what are decent > numbers (depending on overall traffic)? > > On 4 January 2017 at 02:16, < > li...@lazygranch.com> wrote: >> >> ‎http://bgp.he.net/AS16276#_prefixes >

Re: Rate-limiting access to postfix on the firewall, what are decent numbers (depending on overall traffic)?

Reread. I don't not block port 25. I assure you, OVH has been used for C&C by hackers. Angler comes to mind.    Original Message   From: Dominic Raferd Sent: Tuesday, January 3, 2017 11:42 PM To: postfix-users@postfix.org; li...@lazygranch.com Subject: Re: Rate-limiting access to postf

Re: Rate-limiting access to postfix on the firewall, what are decent numbers (depending on overall traffic)?

On 4 January 2017 at 02:16, < li...@lazygranch.com> wrote: > > ‎http://bgp.he.net/AS16276#_prefixes > I'd switch to 587 and block everything OVH. Actually I do just that since OVH > is on my Web Access blocking list, which I also use to block all mail ports > other than 25. > > OVH VPS are often

Re: Rate-limiting access to postfix on the firewall, what are decent numbers (depending on overall traffic)?

  From: John Fawcett Sent: Tuesday, January 3, 2017 6:46 AM To: postfix-users@postfix.org Subject: Re: Rate-limiting access to postfix on the firewall, what are decent numbers (depending on overall traffic)? On 01/03/2017 01:37 PM, Gerben Wierda wrote: > My postfix MTA has been under a lot of D

Re: Rate-limiting access to postfix on the firewall, what are decent numbers (depending on overall traffic)?

On 01/03/2017 01:37 PM, Gerben Wierda wrote: > My postfix MTA has been under a lot of DOS-like attention. Such as a botnet > sending many EHLO-requests, then password attempts: > ... > It does the first part from a multitude of machines. > > I want to stop this by setting a rate limiting rule in m

RE: Rate-limiting access to postfix on the firewall, what are decent numbers (depending on overall traffic)?

Hi, are you already leveraging Anvil ? Or at least checked if it can help the situation ? http://www.postfix.org/TUNING_README.html http://www.postfix.org/anvil.8.html -Angelo Fazzina Operating Systems Programmer / Analyst University of Connecticut,  UITS, SSG, Server Systems 860-486-9075 --

Re: Rate-limiting access to postfix on the firewall, what are decent numbers (depending on overall traffic)?

On 3 January 2017 at 12:37, Gerben Wierda wrote: > My postfix MTA has been under a lot of DOS-like attention. Such as a botnet > sending many EHLO-requests, then password attempts: > > First a lot of: > 2017-01-03 10:09:54.964765+0100 0x6254a9 Info0x0 > 12992 smtpd: c

Re: Rate Limiting & 'destination_concurrency_limit'

On 10/18/2016 9:32 AM, Fazzina, Angelo wrote: > Noel, I'm confused. > What you say seems to contradict this: > > The default_destination_concurrency_limit parameter (default: 20) controls > how many messages may be sent to the same destination simultaneously > FROM : http://www.postfix.org/TUNING

Re: Rate Limiting & 'destination_concurrency_limit'

Fazzina, Angelo: > Noel, I'm confused. > What you say seems to contradict this: > > The default_destination_concurrency_limit parameter (default: 20) controls > how many messages may be sent to the same destination simultaneously > FROM : http://www.postfix.org/TUNING_README.html As documented t

RE: Rate Limiting & 'destination_concurrency_limit'

-486-9075 -Original Message- From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] On Behalf Of Noel Jones Sent: Tuesday, October 18, 2016 9:50 AM To: postfix-users@postfix.org Subject: Re: Rate Limiting & 'destination_concurrency_limit' On 10/18/20

Re: Rate Limiting & 'destination_concurrency_limit'

On 10/18/2016 3:39 AM, David Byrne wrote: > Hi all, > We need a way to limit outbound mails to a specific domain to just 10 mails > in 10minutes. The issue I’m having is that I can only get it to send 1 email > every queue run, so 1 email every 10minutes. I can set the > destionation_rate_delay

Re: Rate Limiting & 'destination_concurrency_limit'

David Byrne: > Hi all, > We need a way to limit outbound mails to a specific domain to just > 10 mails in 10minutes. The issue I?m having is that I can only get > it to send 1 email every queue run, so 1 email every 10minutes. I > can set the destionation_rate_delay to 1minute, and have 10 of > the

Re: rate limiting bad-bot HANGUPs in postscreen?

> I'm wondering what to do in case of future attacks like this. I'm using a fail2ban+ipsets to catch these quickly & ban them efficiently. Works well. Simply use a regex like in those grep commands to match. Make sure you test your matches -- using a combo or online regex tester & fail2ban-re

Re: rate limiting bad-bot HANGUPs in postscreen?

Vincent Lefevre: > [...] > 130 [75.147.78.177] > 366 [213.193.32.35] > 492 [193.189.117.148] > 100543 [108.245.138.130] > > So, this was due to a single IP address, which did more than 100,000 > connections within 15 hours! fail2ban Wietse

Re: rate limiting bad-bot HANGUPs in postscreen?

On 2016-04-09 18:51:00 -0400, Wietse Venema wrote: > jaso...@mail-central.com: > > conitinues on for a total of (in this case) 237 attempts in one > > continuous string over a few minutes. > > All connections are blocked after 0.1 second, as the client fails > both the DNSBL and the pregreet tests

Re: rate limiting

Thanks, Curtis. We have taken all that in to consideration. I'll spare you the long story, but we are testing somewhat specific things. :-) -c If you are trying to simulate a very busy mailserver, then you should be concerned about connections to it from multiple hosts per second most sending

Re: rate limiting

In message <5707263d.7000...@caseyconnor.org> Casey Connor writes: > > Thank you -- will it accept decimal seconds? > > We are sending on the order of 50-200+ messages per second in this > stress test, so the delay between messages could be smaller than .005 > seconds. If you are trying to si

Re: rate limiting bad-bot HANGUPs in postscreen?

In message <1460213048.1937714.573722321.23756...@webmail.messagingengine.com> jaso...@mail-central.com writes: > With postscreen in place, bad bots arr getting fended off. > > Many give up and go away after a couple of tries. > > Some, these days mostly 'ymlf-pc' bots, are more persistent. >

Re: rate limiting bad-bot HANGUPs in postscreen?

jaso...@mail-central.com: > conitinues on for a total of (in this case) 237 attempts in one > continuous string over a few minutes. All connections are blocked after 0.1 second, as the client fails both the DNSBL and the pregreet tests. At one connection per second, this uses very few resources, s

Re: rate limiting bad-bot HANGUPs in postscreen?

I use a script which greps for repeated HANGUPS (and non-SNMP commands, etc) and adds them to a postscreen access file (a separate blacklist file chat can be re-compiled as and when). The black-list entry is retracted after a day or so. A second script looks for repeated black-list refusals and

Re: rate limiting

> On Apr 7, 2016, at 11:57 PM, Casey Connor > wrote: > > Please consider decimal-second rate limiting as a feature request. :-) It is very unlikely to happen. To deliver much more than one message per second, given typical message transaction latencies, delivery concurrency is required, and s

Re: rate limiting

On 04/07/16 23:57, Casey Connor wrote: > >>> We are sending on the order of 50-200+ messages per second in this stress >>> test, so the delay between messages could be smaller than .005 seconds. >> Inject 50-200 messages per second into Postfix, and mail will not >> be delivered faster than it co

Re: rate limiting

We are sending on the order of 50-200+ messages per second in this stress test, so the delay between messages could be smaller than .005 seconds. Inject 50-200 messages per second into Postfix, and mail will not be delivered faster than it comes in (unless a backlog develops and clears when do

Re: rate limiting

> On Apr 7, 2016, at 11:32 PM, Casey Connor > wrote: > > Thank you -- will it accept decimal seconds? No. > We are sending on the order of 50-200+ messages per second in this stress > test, so the delay between messages could be smaller than .005 seconds. Inject 50-200 messages per second i

Re: rate limiting

Thank you -- will it accept decimal seconds? We are sending on the order of 50-200+ messages per second in this stress test, so the delay between messages could be smaller than .005 seconds. On 04/07/2016 06:19 PM, Wietse Venema wrote: See: http://www.postfix.org/postconf.5.html#default_tran

Re: rate limiting

See: http://www.postfix.org/postconf.5.html#default_transport_rate_delay http://www.postfix.org/postconf.5.html#default_destination_rate_delay The names are similar but things work differently. Wietse

Re: Rate limiting guidance needed

Hi, If it's possible to throttle based on MX record for a domain, I'd really appreciate your help. Hi, Alex. I don't do it that way, but that sounds simpler than the way I do it! Interested to see what others come up with. I didn't receive any other responses. Is that because it's not

Re: Rate limiting guidance needed

On 06/05/2015 02:00 AM, Glenn English wrote: If it's possible to throttle based on MX record for a domain, I'd really appreciate your help. I do it with the iptables packet filter (I'm on Linux, but I suspect there are similar packages on other systems). I'm doing packet shaping with tc/h

Re: Rate limiting guidance needed

> If it's possible to throttle based on MX record for a domain, I'd really > appreciate your help. I do it with the iptables packet filter (I'm on Linux, but I suspect there are similar packages on other systems). I shuttle incoming packets of the different protocols to individual chains, the

Re: Rate limiting guidance needed

On Thu, Jun 4, 2015 at 4:02 PM, Alex Regan wrote: > If it's possible to throttle based on MX record for a domain, I'd really > appreciate your help. > Hi, Alex. I don't do it that way, but that sounds simpler than the way I do it! Interested to see what others come up with. > If you have a lis

Re: Rate limiting to gmail, yahoo

Alex Regan: > Hi, > > I posted the message below a few days ago, and haven't seen any > responses. Were my questions too confusing or did I otherwise not > provide the info necessary to help with my problem? This is a frequent topic on this mailing list. Wietse

Re: Rate limiting to gmail, yahoo

Hi, I posted the message below a few days ago, and haven't seen any responses. Were my questions too confusing or did I otherwise not provide the info necessary to help with my problem? Thanks, Alex On 04/18/2015 10:25 PM, Alex Regan wrote: Hi, I have a fedora20 system with postfix-2.10.5

Re: Rate limiting

System Support: > The reason for working on this is because the relay host is complaining about > excessive traffic > (>5msg/s) and freezing the connection after the first 50 deliveries, so > apparently they do not Use "whatever_rate_delay = 1" and do NOT set the whatever_destination_recipient

Re: Rate limiting

On 25 Feb 2015 at 19:56, Viktor Dukhovni wrote: > On Wed, Feb 25, 2015 at 02:46:29PM -0500, System Support wrote: > > > > No, there should be no such delay because this is a single delivery > > > of a single message with two recipients. > > > > > > Note the identical smtp[7114] pids, with iden

Re: Rate limiting

On Wed, Feb 25, 2015 at 02:58:21PM -0500, Wietse Venema wrote: > > OK. Is there any way to rate limit the traffic to the relay for > > this use case? I tried reducing the default_destination_recipient_limit > > to 1 along with the relay and smtp versions. > > If you set this to 1, you rate-limit

Re: Rate limiting

System Support: Content-Description: Mail message body > > Note the identical smtp[7114] pids, with identical queue-id, delays > > down to .01s and the same remote server queue id. > > > > You're not reading your logs correctly. Note also that your previous > > 50/s is likely due to the default r

Re: Rate limiting

On Wed, Feb 25, 2015 at 02:46:29PM -0500, System Support wrote: > > No, there should be no such delay because this is a single delivery > > of a single message with two recipients. > > > > Note the identical smtp[7114] pids, with identical queue-id, delays > > down to .01s and the same remote ser

Re: Rate limiting

On 25 Feb 2015 at 18:22, Viktor Dukhovni wrote: > On Wed, Feb 25, 2015 at 12:50:29PM -0500, System Support wrote: > > > and then ran a test with an address list that had 3 addresses 1 local and 2 > > at gmail. I believe that > > there should be a 10 second delay between the 2 gmail deliveri

Re: Rate limiting

On Wed, Feb 25, 2015 at 12:50:29PM -0500, System Support wrote: > and then ran a test with an address list that had 3 addresses 1 local and 2 > at gmail. I believe that > there should be a 10 second delay between the 2 gmail deliveries, but they > were delivered > together. Here is the log

Re: Rate limiting

On 25 Feb 2015 at 11:33, Wietse Venema wrote: > Unless you have set relay_domains, such mail will be delivered with > the "relay" transport, meaning you would need to set > relay_destination_rate_delay. I set relay_destination_rate_delay = 10s and then ran a test with an address list that had

Re: Rate limiting

System Support: > > > On 25 Feb 2015 at 0:52, Viktor Dukhovni wrote: > > > On Tue, Feb 24, 2015 at 07:44:53PM -0500, System Support wrote: > > > > > --main.cf non-default parameters-- > > > mydestination = $config_directory/local_destinations.dat > > > mydomain = > > > myhostname = maila. > >

Re: Rate limiting

On 25 Feb 2015 at 0:52, Viktor Dukhovni wrote: > On Tue, Feb 24, 2015 at 07:44:53PM -0500, System Support wrote: > > > --main.cf non-default parameters-- > > mydestination = $config_directory/local_destinations.dat > > mydomain = > > myhostname = maila. > > relayhost = > > Is the traffic in

Re: Rate limiting

On Tue, Feb 24, 2015 at 07:44:53PM -0500, System Support wrote: > --main.cf non-default parameters-- > mydestination = $config_directory/local_destinations.dat > mydomain = > myhostname = maila. > relayhost = Is the traffic in question using the "relay" transport (destination domain matches rel

Re: Rate limiting

Here is the postfinger output: Postfinger - Postfix Configuration on Tue Feb 24 19:13:55 EST 2015 $Revision: 1.25 $ Warning: Postfinger output may show private configuration information, such as ip addresses and/or domain names which you do not want to show to the public. If this is the case it

Re: Rate limiting

On Tue, 24 Feb 2015 16:17:10 -0500, System Support stated: > > $ pcregrep -v '^\s*#' /etc/postfix/master.cf I believe that postconf -Mf would display what postfix sees in your master.cf file. It would supply a cleaner output too. -- Jerry

Re: Rate limiting

System Support: > alternate_config_directories = /etc/postfix-relay1, /etc/postfix-in Settings in this main.cf file have no effect on the postfix-relay1 or postfix-in instances. Wietse

Re: Rate limiting

On 24 Feb 2015 at 17:09, Viktor Dukhovni wrote: > On Tue, Feb 24, 2015 at 08:42:08AM -0500, System Support wrote: > > > I send several weekly newsletters where a number of the e-mails are all > > relayed to a separate > > host. I would like to rate limit the traffic to this host. I tried us

Re: Rate limiting

On Tue, Feb 24, 2015 at 08:42:08AM -0500, System Support wrote: > I send several weekly newsletters where a number of the e-mails are all > relayed to a separate > host. I would like to rate limit the traffic to this host. I tried using: > > smtp_destination_rate_delay = 1s What is the name

Re: Rate limiting

System Support: > Wietse, > > Thanks. But now I am confused. From what I understood you to > say, I should be sending 1msg/s > to the next hop, but according to my logs, I am sending ~50msg/s > to the relay, and I would like to > get it to under 5msg/s. Then you need to follow instructions in t

Re: Rate limiting

Wietse, Thanks. But now I am confused. From what I understood you to say, I should be sending 1msg/s to the next hop, but according to my logs, I am sending ~50msg/s to the relay, and I would like to get it to under 5msg/s. On 24 Feb 2015 at 8:55, Wietse Venema wrote: System Support: > >

Re: Rate limiting

System Support: > > I send several weekly newsletters where a number of the e-mails > are all relayed to a separate host. I would like to rate limit > the traffic to this host. I tried using: > > smtp_destination_concurrency_limit = 5 smtp_destination_concurrency_limit has no effect when you t

Re: Rate limiting users?

> On 24 Sep 2014, at 10:57 , li...@rhsoft.net wrote: > > > Am 24.09.2014 um 18:45 schrieb LuKreme: >> Not sure if this is even a postfix question, but let's say for the sake of >> argument I want to set the following limits for user accounts: >> >> 1) maximum 100 mails in x minutes > > not pe

Re: Rate limiting users?

Am 24.09.2014 um 18:45 schrieb LuKreme: > Not sure if this is even a postfix question, but let's say for the sake of > argument I want to set the following limits for user accounts: > > 1) maximum 100 mails in x minutes not per user but per client IP anvil_rate_time_unit = 1800s smtpd_client_c

Re: Rate limiting users?

Hello, You should have a look at this postfix policy server : http://postfwd.org Le 24 sept. 2014 18:46, "LuKreme" a écrit : > Not sure if this is even a postfix question, but let's say for the sake of > argument I want to set the following limits for user accounts: > > 1) maximum 100 mails in x

Re: Rate limiting users?

LuKreme: > Not sure if this is even a postfix question, but let's say for the sake of > argument I want to set the following limits for user accounts: > > 1) maximum 100 mails in x minutes > 2) maximum 1000 mails per day > 3) maximum X MB output per day > 4) exclude some users (for example, mailm

Re: rate limiting issue

On 7/15/2012 9:53 AM, Ryan Pugatch wrote: > There is an ASA firewall in the office > and an ASA firewall in the new datacenter. Upon seeing this I thought "Aha!" Then I read: > No esmtp fixup though. That "fixup" is often the cause of such goofy problems. Nonetheless, it is a good idea to eli

Re: rate limiting issue

> On 7/14/2012 11:40 PM, Ryan Pugatch wrote: > > While this problem occurs, does SSH work? IMAP? Anything other than > SMTP? Have you disabled any/all iptables/ipfilter rules and disabled > AppArmor/SELinux? Is there a firewall other than the NAT device in the > packet path, i.e. in the new da

Re: rate limiting issue

Ryan Pugatch: > connections from our NAT IP start getting ignored by our two MTA's. I can > watch a TCPDUMP on the MTAs and then telnet to them on 25 from a box > behind the NAT and I can see the SYN packets arriving to the MTA but no > response is given. Worth noting, no connection can be made f

Re: rate limiting issue

On 7/14/2012 11:40 PM, Ryan Pugatch wrote: > I am running Zimbra which means my MTAs are running Postfix 2.6.7. > > At work, our mail systems were hosted within our office but as of > yesterday they are hosted externally at a data center. > > When everyone would get to the MTA while the system w

Re: rate limiting per MX / group of IPs?

Tomasz Chmielewski: > On 02/14/2012 01:01 AM, Wietse Venema wrote: > > Tomasz Chmielewski: > >> Is it possible to do rate limiting per MX, or a group of IPs, and not by > >> email address / domain? > > ... > >> But instead of listing every domain in transport_maps, I'd rather use > >> the MX values

Re: rate limiting per MX / group of IPs?

On 02/14/2012 01:01 AM, Wietse Venema wrote: Tomasz Chmielewski: Is it possible to do rate limiting per MX, or a group of IPs, and not by email address / domain? ... But instead of listing every domain in transport_maps, I'd rather use the MX values, or IP ranges - is it somehow possible? Th

Re: rate limiting per MX / group of IPs?

Tomasz Chmielewski: > Is it possible to do rate limiting per MX, or a group of IPs, and not by > email address / domain? ... > But instead of listing every domain in transport_maps, I'd rather use > the MX values, or IP ranges - is it somehow possible? This is not possible. DNS lookups happen

Re: rate limiting spammers who have guessed passwords and use squirrelmail to inject into postfix

Larry Vaden wrote: > Larry Vaden texoma.net> writes: >> What are the URLs which describe BCP for this situation? >> >> THANKS for your response(s). >> >> kind regards/ldv > I note Ralf encountered a very similar problem (see > < limiting--td20671270.html>>), but he

Re: rate limiting spammers who have guessed passwords and use squirrelmail to inject into postfix

Larry Vaden texoma.net> writes: > > What are the URLs which describe BCP for this situation? > > THANKS for your response(s). > > kind regards/ldv I note Ralf encountered a very similar problem (see <>), but he's apparently not in today :

Re: rate limiting spammers who have guessed passwords and use squirrelmail to inject into postfix

Is your mail server running Postfix? If not, you're probably not going to find very much useful information from this list. You should obviously identify which users have weak passwords and make them change their passwords ASAP. Rich Wales ri...@richw.org

Re: Rate Limiting

On Fri, 21 May 2010 23:32:27 +0300 Appliantologist wrote: > I figured it's be pretty easy, say have some file like used in the > various popauth schemes. If the IP address of the connection in not in > the list, NO relay. It wasn't. Strict 822RFC is set and it doesn't > stop the guy from sendin

RE: Rate Limiting

> I've seen everything set up per the documents and all the online tests > showing that i'm not an open relay. I have no need for external > sendmail and I've used all the proper configs and all the suggestions > on the list, and I still get some guy with watches for sale who can > send mail anyway

Re: Rate Limiting

On 5/21/2010 3:32 PM, Appliantologist wrote: On Wed, May 19, 2010 at 9:58 AM, Stan Hoeppner wrote: punit jain put forth on 5/19/2010 12:52 AM: I am using Postfix as an MTA but I see nowadays lot of spam going out of my system. I have used transport based throttling for a domain but I am looki

Re: Rate Limiting

On Wed, May 19, 2010 at 9:58 AM, Stan Hoeppner wrote: > punit jain put forth on 5/19/2010 12:52 AM: > >> I am using Postfix as an MTA but I see nowadays lot of spam going out of my >> system. I have used transport based throttling for a domain but I am looking >> for options for per sender based r

RE: Rate Limiting

> I came across Policyd. It seems to follow similar Perl script for rate > limiting. Does that sound like a solution ? If it fits your needs, then yes.

Re: Rate Limiting

> Anything is possible. I'm working on a similar idea for controlling this, where I track the message count over a period of time, for each sender, and if it goes beyond a threshold, they are suspended until it's resolved (or they stop sending). > General idea is to catch the SASL sender on before

RE: Rate Limiting

>I am using Postfix as an MTA but I see nowadays lot of spam going out of my >system. I have used transport based throttling for a domain but I am looking >for options for per sender based rate limiting. Can I achieve per user based >throttling using postfix or I have to use some 3rd party sof

Re: Rate Limiting

On 2010-05-19 8:23 AM, Kenneth Marshall wrote: > On Wed, May 19, 2010 at 07:03:12AM -0400, Charles Marcus wrote: >> He wasn't asking how to delete the queued messages, he was looking for a >> way to limit the damage if a user account gets compromised in the future >> (this subject has come up befor

Re: Rate Limiting

On Wed, May 19, 2010 at 07:03:12AM -0400, Charles Marcus wrote: > On 2010-05-19 6:33 AM, Stan Hoeppner wrote: > > Then just delete the 20K messages from the queue using postsuper > > within a script and reset the password on the compromised account. > > He wasn't asking how to delete the queued me

Re: Rate Limiting

On 2010-05-19 6:33 AM, Stan Hoeppner wrote: > Then just delete the 20K messages from the queue using postsuper > within a script and reset the password on the compromised account. He wasn't asking how to delete the queued messages, he was looking for a way to limit the damage if a user account get

Re: Rate Limiting

Punit Jain put forth on 5/19/2010 4:19 AM: > >> Throttling is not the solution to fight spam originating within your > network. If you know who is doing it, boot him. If you don't, identify > who it is, then boot him. Period. Why are you playing paddy cakes with a > spammer on your network? > > I

  1   2   >